U tweetove putem weba ili aplikacija drugih proizvođača možete dodati podatke o lokaciji, kao što su grad ili točna lokacija. Povijest lokacija tweetova uvijek možete izbrisati. Saznajte više
1\ There's an intuition in #infosec that behavioral malware detection (ML or not) is better than file-based (static) detection because it's resilient to packing and detects malware in the act. In fact, empirical results bear out that files, even packed files, are better signals.
2\ @kberlin and my research shows this. Here's a ROC plot giving results for our behavioral detection work, giving curves for 0, 1, and 2 years of concept drift: (https://arxiv.org/pdf/1506.04200.pdf …). ~50% detection of previously unseen binaries @ 0.1% false positive rate.pic.twitter.com/65nDe838tG
3\ In contrast, detection that operates merely on files-on-disk, *even when many of them are packed* performs far better. Our research given here, on static file detection, gets a ~67.7% detection rate on unseen samples, under time-based cross-validation: https://arxiv.org/pdf/1508.03096.pdf …pic.twitter.com/3V7kZfjAz1
4\ Why is behavioral detection harder than file-based? Mainly, it's because malware's behavior is highly variable depending on its run-time environment, and because packed files betray statistical malicious cues. Adversarial packing often works *poorly* w.r.t. evasion.
5\ The lesson here is that if we're after traditional file-based attack detection, files themselves will be the main signal in our detection pipelines. But for adversary-hands-on-keyboard, living-off-the-land attacks, behavioral detection is obviously where it's at.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
